Last active
May 28, 2017 02:54
-
-
Save mattwoolnough/4ac2725a56c8d3f6fcb62ee68552dda1 to your computer and use it in GitHub Desktop.
Keycloak Certs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
DOMAIN=<domain> | |
KEYSTOREPW=<changeme> | |
GFDOMAIN=/opt/keycloak-3.1.0.Final/standalone/configuration/ | |
LIVE=/etc/letsencrypt/live/$DOMAIN | |
sudo openssl pkcs12 -export -in $LIVE/cert.pem -inkey $LIVE/privkey.pem -out cert_and_key.p12 -name myalias -CAfile $LIVE/chain.pem -caname root -password pass:$KEYSTOREPW | |
sudo keytool -importkeystore -destkeystore keystore.jks -srckeystore cert_and_key.p12 -srcstoretype PKCS12 -alias myalias -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPW -destkeypass $KEYSTOREPW | |
sudo keytool -import -noprompt -trustcacerts -alias root -file $LIVE/chain.pem -keystore keystore.jks -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPW -destkeypass $KEYSTOREPW | |
sudo openssl pkcs12 -export -in $LIVE/fullchain.pem -inkey $LIVE/privkey.pem -out pkcs.p12 -name keycloak -password pass:$KEYSTOREPW | |
sudo keytool -importkeystore -destkeystore keystore.jks -srckeystore pkcs.p12 -srcstoretype PKCS12 -alias keycloak -srcstorepass $KEYSTOREPW -deststorepass $KEYSTOREPW -destkeypass $KEYSTOREPW | |
sudo keytool -list -keystore keystore.jks -storepass $KEYSTOREPW | |
mv keystore.jks $GFDOMAIN/keycloak.jks |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment